Last month, the OpenSSF community gathered in Salt Lake City for #SigstoreCon: Supply Chain Day, co-located with #KubeCon NA 2024! 🎉
This conference was packed with insightful keynotes, technical deep dives, and case studies, showcasing how #Sigstore is transforming software supply chain security. Sigstore is revolutionizing software integrity by simplifying the signing and verification of digital artifacts, ensuring developers and organizations can implement security practices at scale.
Check out key moments from the conference, including:
🔑 Keynotes from Bob Callaway (Google) & Luke Hinds (Stacklok)
🔍 Technical deep dives on sigstore's advancements
🔐 Real-world case studies from Red Hat, Ruby Central, Inc., and more
Read the full blog to explore the highlights and how Sigstore is shaping the future of software security: https://lnkd.in/d6se9vNx
Hayden Blauzvern, Bob Callaway, Luke Hinds, Chinenye Okafor, Jussi Kukkonen, Poppaea McDermott, Parth Patel, CISSP, λ Mihai λ Maruseac λ, Ian Dunbar-Hall, Marc Frankel, @Samuel Giddins, Lance Ball, @Brian Cook, @William Woodruff, Zach Steindler
OpenSSF’s Post
More Relevant Posts
-
What is ASPM? Why is it needed? Legit CEO Roni Fuchs' short Q&A session with Enterprise Security Tech is a great summary of the current application security landscape and ASPM's place in it. #ASPM #LegitSecurity #ApplicationSecurity
We sat down with Roni Fuchs, CEO and co-founder of Legit Security, to discuss the evolving challenges for security teams in today’s fast-paced software development landscape. Recently named Best Application Security Solution by The Tech Ascension Awards, Legit Security’s ASPM platform is redefining how enterprises manage risk across their software supply chains. https://lnkd.in/gXXF6SCy
Legit Security CEO: Modern Software Threats and How to Redefine Application Security
enterprisesecuritytech.com
-
In today’s world, strengthening our military requires collaboration, particularly in providing them with cutting-edge technology. Partnering with Chainguard will offer our customers countless benefits:
🛡️ Improved Security: Chainguard’s images deliver safer software, enhancing security measures.
⏩ Expedited Approval: Chainguard’s software accelerates the approval process, enabling customers to meet government standards faster.
🔨 Streamlined Development: Customers can develop software more efficiently, prioritizing innovation over troubleshooting.
Second Front Systems is proud to announce our strategic partnership with Chainguard, a leading software supply chain security company. This partnership will provide 2F's customers with access to a custom registry of secure, minimal container images, accelerating their accreditation journey as they look to serve government end users. "Chainguard shares our mission of accelerating the delivery of secure software, making it the ideal partner to provide our customers with the cleanest registry of images available in the market," said 2F CEO Tyler Sweatt. "By leveraging the registry, Second Front's customers can spend more time developing and deploying mission-critical solutions in compliance with industry standards." On Wed., April 3, Tyler Sweatt and Dan Lorenc will host a 30-minute livestream to discuss the partnership and the value of delivering secure, best-in-class software solutions to the US Government and its allies at speed. Register here to join the conversation: https://lnkd.in/eUAMkS_7 Learn more here: https://lnkd.in/erf6MhYz
Second Front Systems Announces Partnership with Chainguard
prnewswire.com
-
🚨 Your secrets may not be as safe as you think. This morning, we shared Aqua Nautilus' latest findings on widespread enterprise secrets exposure in leading Source Code Management Systems. Now, dive deeper into the research with our latest blog:
🔍 Uncovering hidden secrets
📖 Case studies from the wild
🔧 Why do secrets scanning tools miss secrets?
🌐 Secrets that are accessible via cached views of SCM platforms
🛡️ How to better protect your code and infrastructure
Explore various strategies to uncover secrets that may otherwise be hidden for years, read here ➡️ https://lnkd.in/ekJKMQgW
Catch Yakir Kadkoda live at #CloudNativeSecurityCon for a breakdown of the research! #AquaNautilus #PhantomSecrets #CommitOnceExposeForever
Phantom Secrets: Undetected Secrets Expose Major Corporations
aquasec.com
-
Simply brilliant and Open Source! In software supply chain security, it has become either a « de facto » standard or by regulation cascade (CRA, NIS2, NIST cybersecurity framework 2.0) to systematically sign (cryptographically) every software, every update, every patch, every fix, every configuration file. Our blog below describes how to integrate cryptographic signing with Chainloop tool managing the SBOMs, QA reports, CVE scans… 👇
Keyfactor & Chainloop strengthen Software Supply Chains Really enjoyed working with Miguel Martinez Trivino and the entire Chainloop team on integrating Chainloop with EJBCA and SignServer from Keyfactor. This integration provides customers with enhanced PKI options, bringing added security and verifiable provenance to strengthen software supply chains. https://lnkd.in/ebub7uMg
Software Supply Chain Compliance and Security Policies with SignServer, EJBCA, and Chainloop - EJBCA
ejbca.org
-
The latest update for #Sysdig includes "#Containersecurity best practices: Comprehensive guide" and "#AWS Launches Improvements for Key Quarantine Policy". #cybersecurity #devops https://lnkd.in/eqQbjuNR
Sysdig
securitysenses.com
-
Imagine buying an old, worn-down car to navigate the city, only to spend most of your time and money on maintenance. This scenario mirrors the challenges of implementing APIs. If your business is considering or has already integrated APIs, it’s vital to do so securely and effectively. With decades of experience in API implementation and security, we can help you avoid common pitfalls. Curious about our approach? Visit us at buff.ly/4eKjWAJ for more information!
-
Most organizations connect with "tents" outside the corporate systems, such as other APIs and third-party applications. Here's how to ensure these tents and their APIs are secure.
How to Build a Fortress with the Security of a Tent | Nordic APIs
https://nordicapis.com
-
Stay updated on the state of #ApplicationSecurity by checking out these six practitioner-curated Substacks 👉 https://bit.ly/4bJ4Ut6 Discover the latest news & strategies for managing your #AppSec & #SoftwareSupplyChainSecurity engines, ft. expert insights from Gergely Orosz, Chris H., Walter Haydock, Derek Fisher & more.
The top AppSec Substacks to follow
reversinglabs.com
-
Really excited for this next step for a bunch of reasons:
- Allows us to stay focused on our core position of strength: Secure data and make it recoverable
- Get after real platform integration combining Rubrik and Laminar code
- Solve real problems across all aspects of a hybrid environment
- Make organizations more secure and also control their spend at the same time. This is honestly one of the things I'm most excited for... far too often security comes at the expense of TCO. We can do both simultaneously.
https://lnkd.in/g3MdmZGt
Rubrik Delivers Industry’s First-of-its-Kind DSPM Everywhere Securing Data Wherever it Lives
rubrik.com
-
Graylog: Open-source log management: Graylog is an open-source solution with centralized log management capabilities. It enables teams to collect, store, and analyze data to get answers to security, application, and IT infrastructure questions.
Graylog key features
It is easy to install with a standard tech stack, combined with support for data collection across various data input types with the immediate ability to search across ingested data.
Complex query support with auto-complete suggestions.
Single or multiple input parameters to quickly …
The post Graylog: Open-source log management appeared first on Help Net Security. @Poseidon-US #HelpNetSecurity #Cybersecurity
Graylog: Open-source log management - Help Net Security
https://www.helpnetsecurity.com